But you didn’t have to cut me off
Make out like it never happened
The PCAOB announced they will propose a rule Dec. 4 to require public companies to reveal the name of the lead audit partner as part of the annual reporting process. The announcement was made by Chairman James Doty at the PCAOB Standing Advisory Group meeting I attended in Washington DC on November 13-14 and was reported in the Wall Street Journal:
“I believe it’s a good idea for the capital markets to have it,” said James Doty, chairman of the government’s Public Company Accounting Oversight Board said at a meeting in Washington on Wednesday.
Currently only the name of an audit firm, such as PricewaterhouseCoopers or Deloitte & Touche, is signed at the end of corporate annual reports.
The move is the PCAOB’s second attempt at increasing transparency around auditors. The watchdog agency first proposed a rule to name audit partners in October 2011. The new version takes into account public comments, and will be open for another round of comments for 60 days. The final rule is expected in the spring.
“In the two years I’ve been here, I’ve become more convinced by what I’ve seen that it is in the long range best interest of the public auditing profession,” Mr. Doty said.
But, wait a minute here. The discussion of naming the lead engagement partner goes back way beyond a first proposed rule in October 2011. Taking a look at the docket for this proposed rule we see that there was a concept release proposed in July of 2009. However the first mention of the issue by the PCAOB was at one of the first PCAOB SAG meetings in 2005, reprinted here from a transcript of the webcast.
Bob Kueppers of Deloitte gives the standard audit firm position, one they all still cling to today:
(Kueppers serves as Senior Partner, Global Regulatory and Public Policy for Deloitte LLP and leads that firm’s Center for Corporate Governance. He is no longer on the SAG but still attends some open meetings.)
MR. KUEPPERS: Thanks Jen. We are kind of on a roll with bad ideas.
I don’t support this particular one. Let me tell why you. I think that the board and audit committee have absolute knowledge and understanding and actually a sense or a feeling of the capability of the individual on the engagement and they do so on behalf of the investors. I think the — the truth is that the entire firm stands behind the report.
There is differential legal responsibility, frankly, as part of — you know – the individual people on the account have different liability profiles in terms of personal assets at risk as opposed to all other partners; but the real point is that the entire system of quality control what is stands behind that opinion. And the entire system of quality control includes the partner, the second reviewer, but what about the national office consultation partner?
What about the methodology that underpins and documents the audit? So I think it tends to limit the importance, frankly, of the firm name when you do that; so I’m not in favor.
Kueppers’ concerns, and those of the audit firms and their supporters on boards and in public company executives ranks, were addressed in the most recent PCAOB proposed rule on this issue.
After considering comments on the concept release, the amendments the Board is proposing would require the audit report to disclose the engagement partner responsible for the most recent period’s audit. The name of the engagement partner would be disclosed and the only signature included in the audit report would be the signature of the firm issuing the report. Inclusion of the partner’s name would not increase or otherwise affect the duties and obligations of the engagement partner under PCAOB standards in performing the audit.
The proposed approach has most of the same potential benefits as a signature requirement. Disclosure should serve the same transparency purpose as a signature because the name of the partner would become known to readers of the report through either approach. Furthermore, to the extent that association of the partner’s name with the report could increase his or her sense of personal accountability, disclosure would serve that purpose as effectively as would a signature requirement.
(I could also comment on the irony of Deloitte claiming that the firm’s “entire system of quality control” stands behind its opinions when Deloitte was the first Big Four firm to have its PCAOB Part II quality inspection made public because of unresolved deficiencies and is now the only firm to have its private report made public twice because 2008 deficiencies are still not fixed. But I won’t.)
The PCAOB also noted in the proposed rule that engagement partners can be liable in PCAOB and SEC enforcement actions without regard to whether they signed the audit report. That is certainly true for private litigation as well, since once litigation is considered, it’s a simple exercise for investors and their attorneys to find out who the engagement partner was during the affected periods.
We’ve also seen a firm try to disavow liability for a lousy audit on the basis of an individual partner signature. In the Centro case, PwC claimed that lead partner Stephen Cougle was “the auditor”, not PwC the firm, for purposes of the actual audit opinion. The PwC lawyers also argued that the client was Centro, the company and its executives, not its shareholders.
And then there’s the ludicrous argument made by outside lawyers for PwC and EY recently that the audit opinion is just that—only an opinion. They’ll go to any lengths to evade liability.
If I were a partner I’d be more worried about my firm tossing me overboard than any angry investors coming after me with pitchforks.
My complaint with the PCAOB’s expected proposal is that it doesn’t go nearly far enough. It’s the same old diluted attempt at fixing things around the edges while trying to keep the audit firms happy.
Who’s the boss here?
In July 2011 I wrote:
Another perennial favorite audit reform straw man is audit partner signatures on audit reports. I wrote a column about it at Forbes.com this week.
As usual, I think the proposals never go far enough – more likely a feature rather than a bug – and that’s why they end up spinning, eventually, down the drain.
The PCAOB approved Auditing Standard No. 7, Engagement Quality Review on July 28, 2009. They also issued a Concept Release on requiring the engagement partner to sign the audit report.
The suggestion was not a new one. On October 14, 2009, the PCAOB’s Standing Advisory Group (SAG) discussed the concept release and the comments that were received.
Auditors have traditionally opposed individual partner signatures for audit reports arguing the engagement partner is already known to the client audit committees and partners already hold themselves accountable to their own own high standards of professionalism and accountability. Those professional standards are supplemented by mechanisms that are in place to allow third parties to hold them accountable.
The comment period closed September 11, 2009 and boy oh boy were there a lot of comments. The audit firms arrived en masse to denounce the proposal. Jim Hamilton’s World of Securities Regulation had a great summary of their arguments.
Whenever there’s talk again of reforms, the audit industry uses fear of catastrophic liability and higher fees to inure alignment with their clients – rather than shareholders the auditors view the public company executives who hire them as their client – and to scare everyone else into leaving sleeping dogs lie.
The global capital markets, not just current shareholders, need full disclosure of the engagement teams on all public issuers over time, and in a way that is accessible in general, not hidden in Edgar filings and PCAOB Forms.
I described my proposal back in Forbes in 2011:
It’s common for the accounting firms to keep partners on the payroll while under sanctions with the SEC until they are reinstated. It’s not unreasonable for financial services and insurance companies to want to know if the partners proposed for their engagement or rotated onto their audit were responsible for some of the major audit failures of the crisis era. It’s investors and their representatives – the Audit Committees – right and responsibility to know if the partner assigned to their engagement has been or still is under sanction by the SEC or PCAOB.
I propose a clearinghouse at the SEC that maintains the list of all key public accounting firm partners assigned to audit, tax, internal audit, and risk and compliance engagements at all public companies. That includes national office consultation partners. This database would also contain resumes, including prior clients served, licenses, certifications and other credentials, as well as up to date information about whether that partner has been named in disciplinary proceedings or litigation.
Auditors, and their firms, may claim that this is prejudicial or could discourage an honest, hardworking partner from working on difficult or problematic engagements.
I might ask:
What are audit firms hiding?
We now know more about what the firms have been hiding. There are several recent examples of why investors and the capital markets need to know all the key people involved in a public company audit and their history of sanctions, disciplinary actions and litigation.
The partner for bankrupt MF Global, Linda McGowan, was also involved with the audits of Goldman Sachs’ broker-dealer audit, as part of the larger audit, forever with no rotation or other regulatory constraint. She presided over poor internal controls at Knight Capital and Barings, and perhaps was there, as a consultant, when Deutsche Bank tried to figure out what was going on with $12bn of paper losses on complex derivative transactions during the financial crisis? That situation blew up in whistleblower claims.
Even worse, McGowan was the one PwC sent to look under the covers, peek behind the curtains at Bernie Madoff’s firm on behalf of PwC’s multiple audits of Fairfield Greenwich Group feeder funds to Madoff’s Ponzi scheme and Santander-Optimal Securities, another Madoff feeder fund. We know how well that turned out.
I am the only one who has published the name of the PwC engagement partner for MF Global. Why? Everyone else who knows who she is has a vested interest in burying that information.
All of the lawyers involved in litigation against MF Global know the identity of the PwC partner on the MF Global engagement. The two bankruptcy trustees, Louis Freeh and James Giddens, know who the partner from PwC is. However, since both trustees and their law firms have conflicts of interest with PwC, a “conflicts” counsel was established to handle all issues related to the auditors. One attorney involved in the process told me that the trustees, their staff, and anyone involved in the bankruptcies gets very skittish whenever PwC or its services comes up in discussions and leaves the room. It’s not surprising that the reports on progress of the investigations out of these offices had very few references to PwC or illuminated us about the firm’s knowledge of how $1.6 billion in customer funds disappeared.
Everyone who knows who the PwC partner is has some legal, ethical, or personal reason for not disclosing or discussing her identity or her career history in public or disclosing it to journalists. The only people that didn’t know the identity of the PwC partner or her career history were investors and the customers of MF Global who lost money.
We have also recently seen what happens when we don’t know which partners at the firm’s National Office are providing consultation to audit engagements. Turns out a Deloitte still-employed partner, Chris Anderson, who was suspended for his role in the audit debacle at Navistar, was giving out GAAS advice while suspended.
We would have never known Scott London rolled off then rolled back on as engagement partner at Skechers, one of the companies he betrayed by providing confidential information to a trading partner, if the CFO hadn’t opened his mouth in support of London to the FT. How often does an engagement partner, especially one that has significant authority over a practice and a region like London did, bend the rules to make sure he stays close to lucrative inside information or, at a minimum, his compensation gravy train? The public doesn’t know who took London’s place leading the audit during his roll off or if he maintained contact on the account during the cool-off period because neither KPMG nor Skechers would tell me.
- Jeffrey S. Anderson, barred in February 2012 in the Medicis case from associating with a PCAOB-registered accounting firm, with the right to petition to remove the bar after two years, is still employed by EY in an HR role.
- Ron Butler, censured by the PCAOB in February 2012 for Medicis, was the second partner, supervised by Anderson, on the Dec. 31, 2005 audit and also led the Dec. 31, 2006 audit and concurred with the consultation conclusion. Butler is the EY Phoenix office Managing Partner.
- Thomas Christie, also censured by the PCAOB in February 2012 for Medicis, was the second partner, supervised by Anderson, on the Dec. 31, 2007 audit. He is currently working as an audit partner at EY in Long Beach CA.
- E&Y partner Robert H. Thibault barred in February 2012 from associating with a PCAOB-registered accounting firm, with the right to petition to remove the bar after one year, was the independent review partner for the Dec. 31, 2005 and 2006 audits, and participated in the consultation in a National Office role as a member of E&Y’s Professional Practice Group. He retired from Ernst & Young LLP in June 2007. So much for timely sanctions.
Firms keep sanctioned partners around because they are needed as long as there is litigation against the firm. Sometimes, as in the Difazio case, the SEC also used a sanctioned partner who admitted to negligence, still employed by the firm, to testify against company executives, Delphi in Difazio’s case. Everyone counts on the public and the media to forget about the sanction the next day and for it to remain extremely difficult to track these guys’ careers to see if they pull a “Chris Anderson” and go back to work too early.
Imagine how difficult it is to determine, for example, if the partners at Deloitte that have led engagements under investigation related to Chinese reverse merger frauds continue to be responsible for other engagements with listed firms. It’s only when the partner is an inside trader like Scott London or Deloitte’s Tom Flanagan or EY’s James Gansman that his firm dump him and distances itself from the “rogue”. That’s how all three of those firms escaped any sanctions for their own repeated failures to spot them early and stop them before they committed more crimes.
Count on the audit firms to be more often like the Catholic Church who moved accused pedophiles around from parish to parish, hiding them, rather than supporting transparency and accountability by reporting them to authorities and cooperating in the investigations.